- cross-posted to:
- technology@lemmy.world
- cross-posted to:
- technology@lemmy.world
If you are interested in privacy you are probably interested in password storage … plus I wanted everyone to know about the inevitable future enshitification of this product. Spread the word and replacement recommendations are welcome too.
You must log in or # to comment.
This is really disappointing… I figured the open source nature of Bitwarden would save it from enshittification but as the author says, in the end, the company doesn’t need to keep it open source.
As soon as VC money comes in, the founders cash out and the enshittification begins as the VC will be expecting returns on their money.
Is it time block headlines with “quiet”? Its like AI decided that word gets the most clicks and its showing up everywhere.
Vaultwarden will survive. Since the client is open source, once they close the API and break compatibility of the clients with Vaultwarden, the old version of the app can simply be forked and rebranded. I also do hope that the KeyGuard app will continue to support vaultwarden as well since if bitwarden closes the API and makes a breaking change, as is likely to happen, it will break KeyGuard as well, but it will still work with VaultWarden for some time.
The real issue is that many people who are using Bitwarden aren’t savvy enough to host Vaultwarden in a secure way. Many people are careless with things like secret keys and such and dont know how to properly secure a web facing app or a VPN into their local network. But anyone who self hosts should result learn those things anyway. This one just happens to be a particularly high risk since it contains all of your passwords for everything else.
Time to recommend alternatives?!
Nothing has beaten KeePass for me so far. It takes a bit of setting up if you want your database to sync among all your devices, but in other aspects it’s perfect for me
EDIT: In case you’re curious, I use KeePassXC on PC, KeePassDX on Android, and Syncthing to sync the database.
How do I import too KeePassDX because it only accepts .kdbx format?
if you were looking for an excuse to torpedo this abomination, here it is. hosting this gargantuan stack just for an encrypted csv file? at least the client (electron) gobbles up RAM like it’s free while being bug-compatible with whatever chrome version was current half a year ago.
sadly, news ain’t great on the other side of the fence - keepassXC dev is all-in on vibeshitting; latest non-polluted version is 2.7.9.; works fine and the stuff they’re working on is pretty far from essential. some unknown folks forked it but who’s to say what their expertise is.
never thought I’d disable my autoupdate timers but here we are. keep your eyes open.
Can you explain the issues with KeePass? Or is there another thread?
This is my unverified understanding of the situation.
KeepassXC team added Copilot to their workflow to manage PRs and code some basic (according to KeepassXC) stuff.
the dev vibecodes; I make a distinction between using the crap as a boilerplate helper and a full-blown agentic “hey computer, do this but do it super-good!”. not only that, they got a super-asshole vibe as they removed claude traces from the repo and then flaunted that it’s so people won’t know what parts were vibeshat. “good luck finding the cutoff point”, I’m paraphrasing here.
to each their own, but that’s a hard pass for that fork from me.
A password manager is literally the poster child for “I would rather it lack features, but be built carefully by an expert.”
Not very trust inspiring. There’s a lot of flowery words encircling enshittification.
It does claim to want to always offer a free tier, but all the new values and buzzwords are funneled towards the paid versions.
Why the hell is anyone using anything other than KeePass?
- I want to get to my passwords on multiple devices. 2. Bitwarden has a nice feature where you can set up a trusted person to be able to get into your account by sending you an email and if you don’t respond “no” after a set period of time, they get access. This can be very valuable if the you are incapacitated or dead and that (trusted) person needs to take care of things using your passwords. Are those things available in KeePass, if so, great and I’ll have another look!
